-
Notifications
You must be signed in to change notification settings - Fork 1
/
load-bpf.sh
executable file
·83 lines (68 loc) · 2 KB
/
load-bpf.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
#!/usr/bin/env bash
if [ -z $1 ] || [ -z $2 ] || [ -z $3 ]; then
echo "Usage: $0 <bpf_code.o> <iface> <type>"
exit 1
fi
# Allowed 'type' values:
# cls : classifier
# sf : service function
# redir : tc_redirect
# Script dir
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
function load_sf {
BPFOBJ="$1"
DEV="$2"
# Load decap XDP code
ip -force link set dev $DEV xdp \
obj $BPFOBJ sec xdp/decap
# Load encap code
# Headroom = sizeof(Ethernet) + sizeof(NSH) = 14 + 8 = 22
# ip route add $IPVETH1/32 encap bpf headroom 22 \
# xmit obj $BPFOBJ section encap dev $VETH0
# ip route add 0.0.0.0/0 encap bpf headroom 22 \
# xmit obj $BPFOBJ section encap dev $VETH2
# Load adjust + forward codes
tc qdisc add dev $DEV clsact 2> /dev/null
tc filter del dev $DEV egress 2> /dev/null
tc filter add dev $DEV egress bpf da obj $BPFOBJ \
sec action/forward
}
function load_redirect {
BPFOBJ="$1"
DEV="$2"
# Load tc_redirect program
tc filter add dev $DEV ingress prio 1 handle 1 \
bpf da obj $BPFOBJ sec ingress_redirect
# Load redirect code
tc qdisc add dev $DEV clsact 2> /dev/null
tc filter del dev $DEV ingress 2> /dev/null
tc filter replace dev $DEV ingress prio 1 handle 1 bpf da obj $BPFOBJ \
sec ingress_redirect
}
function load_classifier {
BPFOBJ="$1"
DEV="$2"
DIR="$3"
[ -z $DIR ] && DIR="egress"
# Load decap XDP code
#ip -force link set dev $DEV xdp \
# obj $BPFOBJ sec classify
tc qdisc add dev $DEV clsact 2> /dev/null
tc filter del dev $DEV $DIR 2> /dev/null
tc filter add dev $DEV $DIR bpf da obj $BPFOBJ \
sec classify
}
PROG="$1"
IFACE="$2"
TYPE="$3"
if [ $TYPE = "sf" ]; then
load_sf $PROG $IFACE
elif [ $TYPE = "cls" ]; then
DIR="$4"
load_classifier $PROG $IFACE $DIR
elif [ $TYPE = "redir" ]; then
load_redirect $PROG $IFACE
else
echo "Error: Unknown type $TYPE"
exit 1
fi